I was recently at Zinnov Confluence 2017 and
got to present an opening note on the topic- Security 2.0- Safeguarding the
Digital Frontier. For the benefits of the readers, I am trying to recreate my
speech as much as I can in the below here. Will be sharing the slide-deck shortly.
Not so long ago, I was reading this intriguing book by the
name- The
Inevitable. Written ably by a futurist named- Kevin Kelly, this book gives
glorious insights into technological forces that will shape our future.
We are approaching an interesting world. The reason I call
it interesting is because as much as AI powered automation (also known as
automation on steroids) is going to impact a myriad of jobs as we know them,
there are lot of new, unthinkable jobs that would emerge. Being a Futurist is
one such job that I am fascinated with. I do believe all of us have a hidden
futurist in us that in our own ways helps us makes sense of how upcoming events
of the future would impact us. If we wear that futurist hat for a moment, I don’t
think it will take long for us to come to a conclusion that the world- for both
consumers and enterprises alike- is headed towards a massive digital
disruption.
Technology was, is and has always been and will be humanity’s
accelerant, a driving force that has been instrumental in taking the humanity
from one level to the next. Kevin Kelly
says in his
book- “We are moving away from the
world of fixed nouns and towards a world of fluid verbs. In the next 30 years
we will continue to take solid things- an automobile for instance and turn them
into intangible verbs. Products will become services and processes. Embedded
with high doses of technology, an automobile becomes a transportation service.”
Cloud Powers the World:
When you think of broad range of technologies that came to
power the world in the last 10-15 years,
one that has emerged as absolute no. 1
enabler- without a doubt is cloud. Think about mobility, big data analytics,
artificial intelligence, internet of things- none of them could have attained
the kind of maturity they had now, had it not been for the cloud. The cloud
from being just the tool to cut cost became an amazing enabler for everything
else that’s happening in the world of technology, in the world of work around
us.
The World is Under Severe Attack:
While the world is amazingly being powered by cloud and the
up-and-coming technologies, we should also remember that there is always a flip
side to any technological advancement. And one of the threats that I bring
forward here is that the world is also under severe virtual attack.
If you’re familiar with any of these terms, then
congratulations — and welcome to the new normal of
cybersecurity.
If I request you to put your futurist hat for one more time
and ask you to predict the future of cyber-security, it is actually not as hard
as some of you are thinking it to be. The future of cyber-security is that- there
will be a next attack soon. There is a hacker waiting to exploit the vulnerabilities
in your systems, trying to steal the data, trying to attack our systems.
There are several considerations that go into designing the
security models for the future than only dealing with the innovativeness of the
security attacks being unleashed. I would like to talk about a couple of
aspects-
The Weakest link in the Chain:
Citrix recently did
a study with the Ponemon Institute and there were some interesting findings
from the survey. One part of study
suggested that today’s workforce really comprises of three different
generations. Nearly 50% of people participating in the world economy are the
Digital natives i.e. the people who were born with technology, the people who doesn’t
know how the world looked like without technology. The rest of workforce
comprises of Gen-Xers (born 1965-1980) and Baby Boomers (both 1946-1964).
But why is the discussion of generational differences
important in the context of Cyber-Security ? As our study suggested, it turns
out, it is quite important. As Christian Reilly says here-
Any
technology-based solution is only as strong as its weakest link; it’s
last line of defense, and, in case after case, we learn that the source of the
introduction of malware and ransomware has been as a result of the intervention
of one or more end-users. Perhaps they clicked a malicious link in an email.
Perhaps they opened a malicious attachment.
Each generation of workforce has different views on
information sharing, collaboration, technology, and the role security plays in
each. The global study shows that each generation is also susceptible to
different kinds of security vulnerabilities:
55% of security and business respondents said that
Millennials, born
1981-1997, pose the greatest risk of circumventing IT security policies
and using unapproved apps in the workplace.
33% said Baby Boomers, born 1946-1964, are most susceptible
to phishing and social engineering scams.
32% said Gen-Xers, born 1965-1980, were most likely to
circumvent security policies and use unapproved apps and devices in the
workplace.
The security models of the future would be successful only
if among other considerations they also take into account the generational
differences at workforce.
Tightening Regulations:
Another aspect that I wanted to briefly touch upon was the
effect current regulations are bringing forward. By this time next year, General Data
Protection Regulation (GDPR), would have come into effect for all the companies
dealing with data of EU customers. In the past, many of
privacy regulations were toothless – and for many companies it was easier
to pay tens of thousands in fines, rather than investing millions to fix the
problem. That’s not the case with GDPR. The fine can be up to EUR €20 million
OR 4% of the worldwide (!) revenue (not profit!) of the company. As Martin
Zugec said here-
We are used to saying
that IT solutions can be cheap, developed fast or designed to be secure – and
you can choose any two of those. With GDPR, secure is a mandatory requirement
for any IT solution that contains data about individuals. Security is no longer
an ad hoc process, it needs to become our new lifestyle.
Old Security Perimeters Doesn't Help The New World of Work:
How do Enterprises deal with such diversity of users,
tightened regulations and the ever-increasing innovativeness of the attacks.
In the Enterprise context, We are an intersection of users
and applications.
The current context of work has changed a lot. People are no
longer using only the IT managed apps but are bringing any web-based,
cloud-based, mobility app. Not only that, people are not just working within the organization boundaries but are
working at any place of their choice, roaming, on any device, using OS of their
choice. As we often say in Citrix-
“Work is not a place.
Work is an activity you do at a place you find inspiration.”
Older IT enterprise architectures were designed more keeping
in the principles of Inaccessibility and Invisibility i.e. any intruder outside
the boundaries of the organization cannot access the details of network
infrastructure, not could it access any data and applications. This physical perimeter
built by the traditional IT worked reasonably worked in the world of past where
application and employee location were a constant. But in today’s world when
the application, location and work context is no longer static, the perimeter of
past is longer sufficient. Current enterprises need a better, strong, secure
and flexible perimeter. So, what’s the solution ?
Citrix Secure Digital Workspace:
This is where Citrix comes in, really helping the
organizations tame that complexity and pulling it together in a way by creating
this new software defined perimeter but also enabling this easy access for
people wherever they are around the world, whatever device they come in, to
give them contextual access to technology whether it is the cloud technology
coming from one of many clouds, whether it is traditional on-prem technology or
whether it is a mobile technology, they need to access it all in a simple
contextual way and that is precisely what we do and on the IT side really need
to manage all these devices, they really need to control the policy for access.
Very recently we introduced, Citrix Secure DigitalWorkspace- effectively taking up this amazing foundation that we laid down with
Xen family of products, with Netscaler, with Sharefile and enabling this future
of work- powered by Citrix Cloud driven by Artificial Intelligence.
Credits and Inspiration:
https://www.citrix.com/blogs/2017/06/08/you-cant-touch-this/
https://www.citrix.com/blogs/2017/06/08/welcome-to-the-future-of-work/
